vulnerability
Control failures are behind a growing number of cybersecurity incidents
Data from a survey of 1,200 enterprise security leaders reveals that an increase in tools and manual reporting combined with control failures are contributing to the success …
150+ HP multifunction printers open to attack (CVE-2021-39237, CVE-2021-39238)
Over 150 HP multifunction printers (MFPs) are open to attack via two exposed physical access port vulnerabilities (CVE-2021-39237) and two different font parsing …
How to combat ransomware with visibility
In the first half of 2021, average ransomware demands surged by 518%, while payments climbed by 82%. There has been a growing number of attacks in healthcare, with 560 …
After failed fix, researcher releases exploit for Windows EoP flaw (CVE-2021-41379)
A local elevation of privilege vulnerability (CVE-2021-41379) in the Windows Installer that Microsoft supposedly fixed on November 2021 Patch Tuesday is, according to its …
Ethical hackers and the economics of security research
Bugcrowd released a report which provides CIOs and CISOs valuable insight on ethical hackers and the economics of security research. New findings indicate a startling shift in …
Lack of API visibility undermines basic principle of security
One of the oldest principles of security is that you cannot secure what you cannot see. Visibility has always been the starting place for monitoring and protecting attack …
Reality check: Your security hygiene is worse than you think it is
Sevco Security published a report which explores the gap between perceptions and realities of security hygiene and asset management. Leveraging findings from ESG’s “Security …
Zoom patches vulnerabilities in its range of conferencing apps
Zoom has patched vulnerabilities in its range of local solutions for conferences, negotiations and recordings – Zoom Meeting Connector Controller, Zoom Virtual Room …
Shrinking cyber budgets are leaving businesses at risk
The cyber budgets of enterprises rose by less than 1% during the pandemic, according to their cyber budget holders. This left cyber spend stagnating at an average of around …
Intel chip flaw could enable attacks on laptops, cars, medical devices (CVE-2021-0146)
Researchers uncovered a vulnerability in Intel Processors that could affect laptops, cars and embedded systems. The flaw (CVE-2021-0146) enables testing or debugging modes on …
10,000+ websites and apps are vulnerable to Magecart
Some of the world’s largest companies across retail, banking, healthcare, energy and many other sectors, including Fortune 500, Global 500 and governments are failing to …
Critical RCE in Palo Alto Networks (PAN) firewalls revealed, patch ASAP! (CVE-2021-3064)
The existence of a critical RCE vulnerability (CVE-2021-3064) affecting certain versions of Palo Alto Networks (PAN) firewalls using the GlobalProtect Portal VPN has been …
Featured news
Sponsored
Don't miss
- Void Banshee APT exploited “lingering Windows relic” in zero-day attacks
- SYS01 info-stealer pushed via Facebook ads, LinkedIn and YouTube posts
- ChatGPTriage: How can CISOs see and control employees’ AI use?
- Managing exam pressure: Tips for certification preparation
- Firmware update hides Bluetooth fingerprints